aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2010-09-08 14:30:43 +0200
committerIngela Anderton Andin <[email protected]>2010-09-10 10:11:25 +0200
commitfb29cd6c08a77778fdf7258f5682108e46fe26af (patch)
tree6e6cabd03a479c2d7656090569790c1e9977026d /lib/public_key
parent358eaf9d14a0102eaca5bb482d03d4fc37639724 (diff)
downloadotp-fb29cd6c08a77778fdf7258f5682108e46fe26af.tar.gz
otp-fb29cd6c08a77778fdf7258f5682108e46fe26af.tar.bz2
otp-fb29cd6c08a77778fdf7258f5682108e46fe26af.zip
Add handling of SubjectAltName of type otherName
Diffstat (limited to 'lib/public_key')
-rw-r--r--lib/public_key/src/pubkey_cert.erl11
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index b3c230df25..7851981a30 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -538,17 +538,22 @@ validate_extensions(OtpCert, [#'Extension'{extnID = ?'id-ce-keyUsage',
end;
validate_extensions(OtpCert, [#'Extension'{extnID = ?'id-ce-subjectAltName',
- extnValue = Names} | Rest],
+ extnValue = Names} = Ext | Rest],
ValidationState, ExistBasicCon,
SelfSigned, UserState0, VerifyFun) ->
case validate_subject_alt_names(Names) of
true when Names =/= [] ->
validate_extensions(OtpCert, Rest, ValidationState, ExistBasicCon,
SelfSigned, UserState0, VerifyFun);
- _ ->
+ false ->
UserState = verify_fun(OtpCert, {bad_cert, invalid_subject_altname},
UserState0, VerifyFun),
validate_extensions(OtpCert, Rest, ValidationState, ExistBasicCon,
+ SelfSigned, UserState, VerifyFun);
+ other ->
+ UserState = verify_fun(OtpCert, {extension, Ext},
+ UserState0, VerifyFun),
+ validate_extensions(OtpCert, Rest, ValidationState, ExistBasicCon,
SelfSigned, UserState, VerifyFun)
end;
@@ -682,6 +687,8 @@ is_valid_subject_alt_name({directoryName, _}) ->
true;
is_valid_subject_alt_name({_, [_|_]}) ->
true;
+is_valid_subject_alt_name({otherName, #'AnotherName'{}}) ->
+ other;
is_valid_subject_alt_name({_, _}) ->
false.